Craig Brozefsky on Sat, 13 May 2000 00:33:10 +0200 (CEST) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: <nettime> Napster Hurts Free Software |
Florian Cramer <paragram@gmx.net> writes: > I doubt that this is coming as easy or naturally as you suggest and many > others have in the past ten years. The well-known saying that the Internet > would interpret censorship as a bug and root around it implies a > (technicological, political and epistemological) autonomy of the Internet > that doesn't exist. Lawrence Lessig has made many good points concerning > this which are unneccessary to repeat here. The worldwide police action > against the authors of the ILOVEYOU worm and Metallica's reverse > identification and legal persection of Napster users should give some good > impressions of what degree of control is already feasible in the Internet. It does indeed. Unless things have changed in the last few hours they still have no real evidence or suspect in the ILOVEYOU virus case despite said international police action, and what they do have was revealed thru idiotic evidence left in the code. Napster users who desire so are already bypassing Napster's ban, or simply moving to gnutella which does not have the weakness of a centralized authority capable of banning accounts (but does have other weaknesses). Your point however cannot be so easily dismissed. It will take real work on the part of developers, as well as effort on the part of users to maintain the level of (imaginary?) freedom they presently enjoy. This work is to be carried out in legal, cultural, and technical domains. It's not sufficient for us to repeat the "internet routes around censorship" mantra 10 times a day. I feel the technical domain provides the basis for all other attempts at ensuring freedom of access to information and anonymity. Legal or cultural guarantees are meaningless when the stakes get high, but provide the most general protection for those who are not inclined to either use high impedance technologies to acquire said freedom, or are simply operating under a much less severe threat model. Yet even in those situation, the basic technological foundations of TCP/IP, SSL, OS (in)security, controlled distribution of host information, and informally anonymous distributed protocols must be there or the legal and cultural guarantees will not arise. The technical work continues tho, and as the stakes get higher the general public starts becoming aware of more advanced techniques for hiding what information they seek, and what they do with it. The rise of gnutella and Freenet are just the beginning, as informally anonymous distributed protocols they do not really provide the freedom some users desire, but for the purposes of copyright infringement via the sharing of mp3s and the like, it's sufficient in the present environment where the threat profile is quite lax for individuals. Such marginally illegal practices as music and software piracy act as proving grounds for these technologies, and also help to introduce them to the public. The gaggles of mp3 pyrates help us test the scalability to something like gnutella or FreeNet, and provide a cover of white-noise for those who may have more pressing anonymity and distribution needs. The sea of mp3s is a swell place for putting stego'd copies of outlaw data and ensuring it gets distributed far and wide. When the heat gets turned up they will start turning towards things like the Eternity Service[1] and Zero Knowledge Systems[2], URL obfuscating services, and distributed HTTP anonymizers. These services provide protection under an even greater threat level, some would require the resources of an intelligence agency from a industrialized nation to extract incriminating information from them. So there is indeed alot of work to be done, both in deploying the technologies that will take us thru the next round of the arms race to control people's free access to information (pirated or not), and also in the dissemination of these technologies to wider audiences. > > If recording companies really try to impose trusted client on us, geeks > > will crack it faster than you can say "40-bit export limit." They will > > There is no more 40-bit export limit. At least in theory, decent > proprietary cryptography is possible now and can't be broken as > easily if it's implemented in a technically non-stupid way. Key strength is but one component in a trusted client system. There has never been a copyright protection system that hasn't been busted. I don't see that changing given the environment such systems must run in, and the tools and skillz that can be brought to bear upon them. The intellectual property hoarders must balance consumer convenience and desire with security. The gaming console industry has had total control of their hardware platform (something PC software/hardware vendors will never have), and in some cases total control of the software that ran on their systems. Even then, you can purchase mod chips to bypass the IP protection mechanism on any console, getting rid of the region coding as well as the manufacturers attempts at stopping people from playing CD-R copies of their software. Given the track record in the game console market and the control they were able to exercise, it seems unlikely that the PC platform will ever be able to produce a "trusted client" system worth a damn. Intel has backed out of it's scheme to produce unique IDs for CPUs, a important part of a trusted client system able to identify a particular computer, under pressure from consumers. Remember that we have multiple CPU, motherboard, and peripheral vendors for any component of the PC architecture, spread across many different countries. That said, cracks and hacks are not viable solutions for everyone. But they do perform an important task, making people aware of the possibilities and cognizant of the limitations that they are being forced to accept. Just as any adolescent with an internet account today is aware of what mp3s can do and the fact that people are attempting to stop their use, more and more people will become aware of the control that is being exerted over their use of intellectual property and other information. > Free Software has been a successful project because it opted exactly for the > above choice. If people had happily chosen Warez instead, there would be no > GNU/Linux. (The recording industry is stupid. mp3 and Napster are the most > efficient reinforcement tools of mainstream musical taste and hence the best > stardom vehicles. Try to get Stockhausen's "Kontakte" via Napster.) I see that for you, as well as Bruce, it boils down to an issue of proper respect for intellectual property. This insistence led Bruce to make a bunch of groundless arguments about the deleterious effect of music piracy on Free Software. Are you preparing to do the same thing? Unless developers start spending too much time scrounging around for Haujobb mp3s instead of debugging, I see no connection between the two. This doesn't mean that Free Software developers need not be active in the legal domain and can safely assume they code in a vacuum. The causal argument Bruce made, and which you seem to be attempting to support are suspect because the IP monopolists were already pursuing the DMCA and UCITA before Napster and even mp3 started floating around. Indeed, the arms race between copy protection and warez pups has been raging for decades, and we know who is winning that. [1] http://www.cypherspace.org/~adam/eternity/phrack.html and http://www.kolej.mff.cuni.cz/~eternity/ [2] Zero Knowledge Systems http://www.zks.net -- Craig Brozefsky <craig@red-bean.com> Free Scheme/Lisp Software http://www.red-bean.com/~craig "Hiding like thieves in the night from life, illusions of oasis making you look twice. -- Mos Def and Talib Kweli # distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body # archive: http://www.nettime.org contact: nettime@bbs.thing.net